Digital payments app GCash, which has more than 66 million users in the Philippines, has prevented hackers from stealing millions of pesos from its clients. Globe Telecom’s app detected small withdrawals from multiple users being sent to only two recipient accounts at another bank, and put a hold order on the transfers once it saw the pattern.
The aggregate amount of suspicious transactions was initially estimated at PHP37m ($760,000), sourced from GCash users worth only a few thousand pesos each. The app was suspended for 10 hours, affecting millions of Filipinos who rely on it for online shopping, settling bills and even public transport fares.
According to a ranking Globe official, the company decided to act after seeing successive “suspicious” transactions being directed from GCash to only two accounts: one in East West Banking and the other in Asia United Bank. The official believes the transfers were validated by the perpetrators using information gathered from users through phishing techniques.
The official explained that the company’s priority is to be proactive in its response so as to maintain the trust of its clients, especially with more Filipinos adopting digital payments since the start of the pandemic. The official also assured users that their money is intact and everything will be returned to them.
GCash is one of the most popular financial technology platforms in the Philippines. It enables users to send and receive money, pay bills, buy load, book movies and other entertainment events, and shop online. It also offers features such as GCredit, GInvest, and GInsure. GCredit is a digital credit line that allows users to pay bills, shop online, and purchase goods and services even if they don’t have enough money in their wallet. GInvest is a digital investment platform that allows users to invest in various funds managed by reputable investment companies. GInsure is a digital insurance platform that allows users to buy and manage insurance policies online.
GCash is not the only digital payments app that has faced security threats in the Philippines. In October 2020, PayMaya, another popular digital payments app, warned its users of a phishing scam that targeted its customers. The scam involved fraudsters sending text messages or emails that appeared to be from PayMaya, asking users to click on a link to verify their account information. Once the user clicked on the link, they were directed to a fake PayMaya website where they were asked to input their login credentials, which the fraudsters then used to steal money from their account.
As more Filipinos adopt digital payments, it’s essential for digital payments apps to ensure the security of their users’ accounts. This includes implementing two-factor authentication, using encryption to protect user data, and educating users on how to avoid phishing scams. It’s also important for users to be vigilant and report any suspicious activity to the app’s customer support team immediately. By working together, digital payments apps and users can help prevent cybercriminals from stealing their money.